Multiple improvements

13 files changed, 107 insertions, 60 deletions

diff --git a/flake.lock b/flake.lock
index 115aa8b..ff550be 100644
--- a/flake.lock
+++ b/flake.lock
@@ -8,11 +8,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1707830867,
-        "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
+        "lastModified": 1712079060,
+        "narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
+        "rev": "1381a759b205dff7a6818733118d02253340fd5e",
         "type": "github"
       },
       "original": {
@@ -314,17 +314,18 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1711939449,
-        "narHash": "sha256-k8HBuawAk2hWNzNkCiGebbStq3opqnyV1RdHXXojxNg=",
-        "owner": "NixOS",
+        "lastModified": 1712152126,
+        "narHash": "sha256-EPSuQvOHJ3KeuOj/Q1rnXtsh+I7RYMXnG7mr/kHIE1w=",
+        "owner": "cynerd",
         "repo": "nixpkgs",
-        "rev": "292a4d8fa11907f90eb2e9730b8cf2414f03bf58",
+        "rev": "b61a1a8c48358a010a341db02ae2777645ab8751",
         "type": "github"
       },
       "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-unstable-small",
-        "type": "indirect"
+        "owner": "cynerd",
+        "ref": "bcg-fix-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
       }
     },
     "nixpkgs_4": {
@@ -417,11 +418,11 @@
         "nixpkgs": "nixpkgs_4"
       },
       "locked": {
-        "lastModified": 1710528104,
-        "narHash": "sha256-fseLCm3s9PCNzdSNlNjgh3gS/BfeCOIAac/xyUEN0yo=",
+        "lastModified": 1711995409,
+        "narHash": "sha256-bA7nACBn5EQvt1kBHmguLeXMpOoiUv8O/8GneL1bBrc=",
         "owner": "cynerd",
         "repo": "nixturris",
-        "rev": "8c8595ac5fda5d1ab8ae6416938544298e317640",
+        "rev": "4f049cddb61655f416c841d93deba524ed0cb2bb",
         "type": "gitlab"
       },
       "original": {
@@ -526,11 +527,11 @@
         "nixpkgs": "nixpkgs_9"
       },
       "locked": {
-        "lastModified": 1709892386,
-        "narHash": "sha256-TuCeepBnNgHiBp7ykvL9f4VomndWr6iipxz9tudu0rI=",
+        "lastModified": 1712139264,
+        "narHash": "sha256-3kGqScmYMNCXZG1T4ATpfkcRY7d1nHETutAM0tB5R/4=",
         "ref": "refs/heads/master",
-        "rev": "0b8659543bba43d6298693fe84e00a0ae27dcf2e",
-        "revCount": 440,
+        "rev": "1edd3b9e7b3e0e5b62a4207553f0f2d15da49ae7",
+        "revCount": 442,
         "submodules": true,
         "type": "git",
         "url": "https://github.com/silicon-heaven/shvspy.git"
diff --git a/flake.nix b/flake.nix
index 58dc86b..0e28443 100644
--- a/flake.nix
+++ b/flake.nix
@@ -33,8 +33,7 @@
     ...
   }: let
     inherit (flake-utils.lib) eachDefaultSystem filterPackages;
-    inherit (nixpkgs.lib) attrValues mapAttrs' nameValuePair filterAttrs;
-    revision = self.shortRev or self.dirtyShortRev or "unknown";
+    inherit (nixpkgs.lib) mapAttrs' nameValuePair filterAttrs;
   in
     {
       overlays = {
@@ -51,27 +50,16 @@
         ];
       };
 
-      nixosModules = let
-        modules = import ./nixos/modules {inherit (nixpkgs) lib;};
-      in
-        modules
-        // {
-          default = {
-            imports =
-              attrValues modules
-              ++ [
-                nixdeploy.nixosModules.default
-                nixturris.nixosModules.default
-                personal-secret.nixosModules.default
-                shellrc.nixosModules.default
-                usbkey.nixosModules.default
-              ];
-            config = {
-              nixpkgs.overlays = [self.overlays.default];
-              system.configurationRevision = revision;
-            };
-          };
-        };
+      nixosModules = import ./nixos/modules {
+        inherit (nixpkgs) lib;
+        default_modules = [
+          nixdeploy.nixosModules.default
+          nixturris.nixosModules.default
+          personal-secret.nixosModules.default
+          shellrc.nixosModules.default
+          usbkey.nixosModules.default
+        ];
+      };
 
       nixosConfigurations = import ./nixos/configurations self;
       lib = import ./lib nixpkgs.lib;
diff --git a/nixos/configurations/binky.nix b/nixos/configurations/binky.nix
index bdfa47e..6dfb6a5 100644
--- a/nixos/configurations/binky.nix
+++ b/nixos/configurations/binky.nix
@@ -5,6 +5,7 @@ in {
   deploy = {
     enable = true;
     default = false;
+    ssh.host = "binky.spt";
   };
 
   cynerd = {
@@ -61,13 +62,22 @@ in {
   systemd.network = {
     networks = {
       "dhcp" = {
-        matchConfig.Name = "enp2s0f0 enp5s0f3u1u1 wlp3s0";
+        matchConfig.Name = "enp2s0f0 enp5s0f3u1u1";
         networkConfig = {
           DHCP = "yes";
           IPv6AcceptRA = "yes";
         };
         linkConfig.RequiredForOnline = "routable";
       };
+      "dhcp-wlan" = {
+        matchConfig.Name = "wlp3s0";
+        networkConfig = {
+          DHCP = "yes";
+          IPv6AcceptRA = "yes";
+        };
+        routes = [{routeConfig.Metric = 1088;}];
+        linkConfig.RequiredForOnline = "routable";
+      };
     };
     wait-online.enable = false;
   };
diff --git a/nixos/configurations/default.nix b/nixos/configurations/default.nix
index 6bc7ad9..c653c2d 100644
--- a/nixos/configurations/default.nix
+++ b/nixos/configurations/default.nix
@@ -20,7 +20,11 @@ in
       nameValuePair name (nixosSystem {
         modules = [
           (./. + ("/" + fname))
-          {networking.hostName = name;}
+          {
+            networking.hostName = name;
+            nixpkgs.overlays = [self.overlays.default];
+            system.configurationRevision = self.shortRev or self.dirtyShortRev or "unknown";
+          }
           self.nixosModules.default
         ];
         specialArgs = {
diff --git a/nixos/configurations/errol.nix b/nixos/configurations/errol.nix
index 3f7ad8c..0b9eae1 100644
--- a/nixos/configurations/errol.nix
+++ b/nixos/configurations/errol.nix
@@ -71,6 +71,10 @@ in {
   #  };
   #};
 
+  environment.systemPackages = [
+    pkgs.nvtopPackages.amd
+  ];
+
   services.syncthing = {
     enable = true;
     user = mkDefault "cynerd";
diff --git a/nixos/configurations/lipwig.nix b/nixos/configurations/lipwig.nix
index 2e5253d..090e8f5 100644
--- a/nixos/configurations/lipwig.nix
+++ b/nixos/configurations/lipwig.nix
@@ -25,9 +25,16 @@
 
     boot.loader.systemd-boot.enable = false;
 
-    fileSystems."/nas" = {
-      device = "172.16.128.63:/nas/2682";
-      fsType = "nfs";
+    fileSystems = {
+      "/nas" = {
+        device = "172.16.128.63:/nas/2682";
+        fsType = "nfs";
+      };
+      "/nas/nextcloud-sync" = {
+        device = "/nas/sync";
+        fsType = "fuse.bindfs";
+        options = ["map=syncthing/nextcloud:@syncthing/@nextcloud"];
+      };
     };
 
     networking = {
@@ -45,6 +52,15 @@
     systemd.network.wait-online.enable = false;
     systemd.services.networking-setup.wantedBy = ["network-online.target"];
 
+    environment.systemPackages = with pkgs; [
+      # fileSystems
+      bindfs
+      # Nextcloud
+      exiftool
+      ffmpeg-headless
+      nodejs
+    ];
+
     # Web ######################################################################
     services.nginx = {
       enable = true;
@@ -219,7 +235,6 @@
         };
       };
     };
-    environment.systemPackages = with pkgs; [exiftool ffmpeg-headless nodejs];
 
     # Postgresql ###############################################################
     services.postgresql = {
diff --git a/nixos/configurations/ridcully.nix b/nixos/configurations/ridcully.nix
index 3e2b474..66daf1b 100644
--- a/nixos/configurations/ridcully.nix
+++ b/nixos/configurations/ridcully.nix
@@ -1,4 +1,8 @@
-{lib, ...}: let
+{
+  lib,
+  pkgs,
+  ...
+}: let
   inherit (lib) mkDefault;
 in {
   nixpkgs.hostPlatform.system = "x86_64-linux";
@@ -55,6 +59,10 @@ in {
   #interface = "enp6s0";
   #};
 
+  environment.systemPackages = [
+    pkgs.nvtopPackages.amd
+  ];
+
   services.syncthing = {
     enable = true;
     user = mkDefault "cynerd";
diff --git a/nixos/configurations/spt-mox.nix b/nixos/configurations/spt-mox.nix
index 7b1ffb8..c5ad7fb 100644
--- a/nixos/configurations/spt-mox.nix
+++ b/nixos/configurations/spt-mox.nix
@@ -15,7 +15,7 @@
     wifiAP.spt = {
       enable = true;
       qca988x = {
-        interface = "wls1";
+        interface = "wlp1s0";
         bssids = ["04:f0:21:24:24:d2" "08:f0:21:24:24:d2"];
         channel = 7;
       };
diff --git a/nixos/configurations/spt-mox2.nix b/nixos/configurations/spt-mox2.nix
index 612e85e..c713477 100644
--- a/nixos/configurations/spt-mox2.nix
+++ b/nixos/configurations/spt-mox2.nix
@@ -14,7 +14,7 @@
     wifiAP.spt = {
       enable = true;
       qca988x = {
-        interface = "wls1";
+        interface = "wlp1s0";
         bssids = ["04:f0:21:45:d3:47" "08:f0:21:45:d3:47"];
         channel = 1;
       };
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index ea2acb3..c47228b 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -1,10 +1,16 @@
-{lib}: let
+{
+  lib,
+  default_modules ? [],
+}: let
   inherit (builtins) readDir;
-  inherit (lib) filterAttrs hasSuffix mapAttrs' nameValuePair removeSuffix;
+  inherit (lib) filterAttrs hasSuffix attrValues mapAttrs' nameValuePair removeSuffix;
+
+  modules =
+    mapAttrs'
+    (fname: _: nameValuePair (removeSuffix ".nix" fname) (./. + ("/" + fname)))
+    (filterAttrs (
+      n: v:
+        v == "regular" && n != "default.nix" && hasSuffix ".nix" n
+    ) (readDir ./.));
 in
-  mapAttrs'
-  (fname: _: nameValuePair (removeSuffix ".nix" fname) (./. + ("/" + fname)))
-  (filterAttrs (
-    n: v:
-      v == "regular" && n != "default.nix" && hasSuffix ".nix" n
-  ) (readDir ./.))
+  modules // {default.imports = attrValues modules ++ default_modules;}
diff --git a/nixos/modules/wifi-spt.nix b/nixos/modules/wifi-spt.nix
index 11554a7..669439d 100644
--- a/nixos/modules/wifi-spt.nix
+++ b/nixos/modules/wifi-spt.nix
@@ -102,7 +102,7 @@ in {
                   mode = "wpa2-sha256";
                   wpaPasswordFile = "/run/secrets/hostapd-TurrisRules.pass";
                 };
-                settings = {
+                settings = mkIf is2g {
                   ieee80211w = 0;
                   wpa_key_mgmt = mkForce "WPA-PSK"; # force use without sha256
                 };
@@ -123,7 +123,10 @@ in {
     systemd.network.networks = mkMerge [
       (mkIf (cnf.ar9287.interface != null) {
         "lan-${cnf.ar9287.interface}" = {
-          matchConfig.Name = cnf.ar9287.interface;
+          matchConfig = {
+            Name = cnf.ar9287.interface;
+            WLANInterfaceType = "ap";
+          };
           networkConfig.Bridge = "brlan";
           bridgeVLANs = [
             {
@@ -149,7 +152,10 @@ in {
       })
       (mkIf (cnf.qca988x.interface != null) {
         "lan-${cnf.qca988x.interface}" = {
-          matchConfig.Name = cnf.qca988x.interface;
+          matchConfig = {
+            Name = cnf.qca988x.interface;
+            WLANInterfaceType = "ap";
+          };
           networkConfig.Bridge = "brlan";
           bridgeVLANs = [
             {
diff --git a/nixos/modules/wireguad.nix b/nixos/modules/wireguad.nix
index ca28818..f52c95e 100644
--- a/nixos/modules/wireguad.nix
+++ b/nixos/modules/wireguad.nix
@@ -79,6 +79,8 @@ in {
         networkConfig = {
           Address = "${config.cynerd.hosts.wg."${hostName}"}/24";
           IPForward = is_endpoint;
+          DNS = mkIf (hostName != "dean") ["10.0.20.30" "10.0.20.31"];
+          Domains = mkIf (hostName != "dean") "~elektroline.cz";
         };
         routes =
           (optional (hostName != "lipwig") {
diff --git a/pkgs/default.nix b/pkgs/default.nix
index dc4dcae..77b6215 100644
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -33,4 +33,7 @@ final: prev: {
     };
     outputs = ["out"];
   };
+  gnupg = prev.gnupg.overrideAttrs (oldAttrs: {
+    nativeBuildInputs = oldAttrs.nativeBuildInputs ++ [prev.libgpg-error];
+  });
 }